You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by jl...@apache.org on 2015/02/13 21:22:22 UTC
hadoop git commit: YARN-2847. Linux native container executor
segfaults if default banned user detected. Contributed by Olaf Flebbe (cherry
picked from commit 1a0f508b6386b1c26ec606f6d73afddaa191b7d8)
Repository: hadoop
Updated Branches:
refs/heads/branch-2 f50779155 -> c9cd58d71
YARN-2847. Linux native container executor segfaults if default banned user detected. Contributed by Olaf Flebbe
(cherry picked from commit 1a0f508b6386b1c26ec606f6d73afddaa191b7d8)
Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/c9cd58d7
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/c9cd58d7
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/c9cd58d7
Branch: refs/heads/branch-2
Commit: c9cd58d711dceeb0d3f12ec72cdc2eb7bb95b694
Parents: f507791
Author: Jason Lowe <jl...@apache.org>
Authored: Fri Feb 13 20:20:07 2015 +0000
Committer: Jason Lowe <jl...@apache.org>
Committed: Fri Feb 13 20:22:12 2015 +0000
----------------------------------------------------------------------
hadoop-yarn-project/CHANGES.txt | 3 +++
.../impl/container-executor.c | 3 ++-
.../test/test-container-executor.c | 24 ++++++++++++++++----
3 files changed, 24 insertions(+), 6 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/hadoop/blob/c9cd58d7/hadoop-yarn-project/CHANGES.txt
----------------------------------------------------------------------
diff --git a/hadoop-yarn-project/CHANGES.txt b/hadoop-yarn-project/CHANGES.txt
index 8be8934..9767bd5 100644
--- a/hadoop-yarn-project/CHANGES.txt
+++ b/hadoop-yarn-project/CHANGES.txt
@@ -557,6 +557,9 @@ Release 2.7.0 - UNRELEASED
YARN-3164. RMAdmin command usage prints incorrect command name.
(Bibin A Chundatt via xgong)
+ YARN-2847. Linux native container executor segfaults if default banned
+ user detected (Olaf Flebbe via jlowe)
+
Release 2.6.0 - 2014-11-18
INCOMPATIBLE CHANGES
http://git-wip-us.apache.org/repos/asf/hadoop/blob/c9cd58d7/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/container-executor.c
----------------------------------------------------------------------
diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/container-executor.c b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/container-executor.c
index 314a05e..1c214c6 100644
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/container-executor.c
+++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/container-executor.c
@@ -684,8 +684,9 @@ struct passwd* check_user(const char *user) {
return NULL;
}
char **banned_users = get_values(BANNED_USERS_KEY);
- char **banned_user = (banned_users == NULL) ?
+ banned_users = banned_users == NULL ?
(char**) DEFAULT_BANNED_USERS : banned_users;
+ char **banned_user = banned_users;
for(; *banned_user; ++banned_user) {
if (strcmp(*banned_user, user) == 0) {
free(user_info);
http://git-wip-us.apache.org/repos/asf/hadoop/blob/c9cd58d7/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/test/test-container-executor.c
----------------------------------------------------------------------
diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/test/test-container-executor.c b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/test/test-container-executor.c
index 7f08e06..be6cc49 100644
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/test/test-container-executor.c
+++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/test/test-container-executor.c
@@ -89,15 +89,19 @@ void run(const char *cmd) {
}
}
-int write_config_file(char *file_name) {
+int write_config_file(char *file_name, int banned) {
FILE *file;
file = fopen(file_name, "w");
if (file == NULL) {
printf("Failed to open %s.\n", file_name);
return EXIT_FAILURE;
}
- fprintf(file, "banned.users=bannedUser\n");
- fprintf(file, "min.user.id=500\n");
+ if (banned != 0) {
+ fprintf(file, "banned.users=bannedUser\n");
+ fprintf(file, "min.user.id=500\n");
+ } else {
+ fprintf(file, "min.user.id=0\n");
+ }
fprintf(file, "allowed.system.users=allowedUser,daemon\n");
fclose(file);
return 0;
@@ -385,7 +389,7 @@ void test_delete_user() {
char buffer[100000];
sprintf(buffer, "%s/test.cfg", app_dir);
- if (write_config_file(buffer) != 0) {
+ if (write_config_file(buffer, 1) != 0) {
exit(1);
}
@@ -745,7 +749,7 @@ int main(int argc, char **argv) {
exit(1);
}
- if (write_config_file(TEST_ROOT "/test.cfg") != 0) {
+ if (write_config_file(TEST_ROOT "/test.cfg", 1) != 0) {
exit(1);
}
read_config(TEST_ROOT "/test.cfg");
@@ -817,6 +821,16 @@ int main(int argc, char **argv) {
seteuid(0);
// test_delete_user must run as root since that's how we use the delete_as_user
test_delete_user();
+ free_configurations();
+
+ printf("\nTrying banned default user()\n");
+ if (write_config_file(TEST_ROOT "/test.cfg", 0) != 0) {
+ exit(1);
+ }
+
+ read_config(TEST_ROOT "/test.cfg");
+ username = "bin";
+ test_check_user();
run("rm -fr " TEST_ROOT);
printf("\nFinished tests\n");